What is claimed is:

1. A method of transferring via a network boot files from
a server to a client having a pre-OS environment,
comprising:

installing a client certificate of authenticity in the
client;

requesting by the client via the network that the server
transfer the boot files to the client;

sending by the client via the network the installed client
certificate of authenticity;

authenticating by the server of the client by the received
client certificate of authenticity;

sending by the server via the network a server certificate
of authenticity to the client in response to authenticating
by the server of the client;

authenticating by the client of the server by the received
server certificate of authenticity;

requesting by the authenticated client via the network that
the authenticated server transfer the boot files to the
authenticated client;

transferring the boot files from the authenticated server
to the authenticated client in response to the requesting
by the authenticated client;

authenticating by the authenticated client of the
transferred boot files; and

executing by the authenticated client of the authenticated
boot files.

2. The method of claim 1 wherein clients that have an
invalid or revoked certificate are not authenticated or
answered by the server.

3. The method of claim 1 wherein servers that have an
invalid or revoked certificate are not acknowledged by the
client.

4. The method of claim 1 wherein boot files received by 
the client that are incorrectly signed are not executed by 
the client. 

5. The method of claim 1 wherein the transferred boot 
files include a signature and wherein the client verifies 
the signature.
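
Added example (not part of the patent text): the check order of claim 1 with the fail-closed outcomes of claims 2 to 5, sketched in Go. The `Cert` type is a simplified stand-in for an X.509 certificate, and the names `NetBoot`, `Scenario`, `client-01`, `boot-server`, and the use of the server's key as the boot-file signer are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert is a constructed stand-in for an X.509 certificate: the CA signs name||key.
type Cert struct {
	Name string
	Pub  ed25519.PublicKey
	Sig  []byte
}

func issue(ca ed25519.PrivateKey, name string, pub ed25519.PublicKey) Cert {
	return Cert{name, pub, ed25519.Sign(ca, append([]byte(name), pub...))}
}

// valid is false for a certificate the CA did not sign or that is on the revocation list.
func valid(ca ed25519.PublicKey, c Cert, revoked map[string]bool) bool {
	return ed25519.Verify(ca, append([]byte(c.Name), c.Pub...), c.Sig) && !revoked[c.Name]
}

// NetBoot applies the checks in the claimed order and stops at the first failure.
// Proof that each side holds its private key (e.g. a TLS handshake) is not modelled.
func NetBoot(ca ed25519.PublicKey, client, server Cert, revoked map[string]bool, image, sig []byte) string {
	if !valid(ca, client, revoked) {
		return "server does not answer client"
	}
	if !valid(ca, server, revoked) {
		return "client does not acknowledge server"
	}
	if !ed25519.Verify(server.Pub, image, sig) { // assumption: server key signs the image
		return "boot files not executed"
	}
	return "boot files executed"
}

// Scenario runs one exchange with constructed keys; received is the image as it arrives.
func Scenario(revokedName, received string) string {
	caPub, caPriv, _ := ed25519.GenerateKey(nil)
	cPub, _, _ := ed25519.GenerateKey(nil)
	sPub, sPriv, _ := ed25519.GenerateKey(nil)
	sig := ed25519.Sign(sPriv, []byte("constructed boot image"))
	return NetBoot(caPub, issue(caPriv, "client-01", cPub), issue(caPriv, "boot-server", sPub),
		map[string]bool{revokedName: true}, []byte(received), sig)
}

func main() { fmt.Println(Scenario("", "constructed boot image"), "|", Scenario("", "tampered")) }
```

Every failed check returns before the next step runs, so a boot image is only reached for execution after both certificates and the image signature have passed.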

6. A method of transferring boot files from a server to a 
client, comprising: 

authenticating by the server of the client; 
authenticating by the client of the server; and 
transferring the boot files from the authenticated server
to the authenticated client. 

7. The method of claim 6 further comprising authenticating 
by the authenticated client of the transferred boot files. 

8. The method of claim 7 further comprising executing by 
the authenticated client of the authenticated boot files. 

9. The method of claim 6 wherein clients that have an 
invalid or revoked certificate are not authenticated or 
answered by the server. 

10. The method of claim 6 wherein servers that have an 
invalid or revoked certificate are not acknowledged by the 
client.

11. The method of claim 6 wherein boot files received by
the client that are incorrectly signed are not executed by 
the client. 

12. The method of claim 6 wherein the transferred boot
files include a signature and wherein the client verifies 
the signature. 

13. A method of transferring via a network boot files from
a server to a client having a pre-OS environment,
comprising:

installing a client certificate of authenticity in the
client;

requesting by the client via the network that the server
transfer the boot files to the client;

sending by the client via the network the installed client
certificate of authenticity;

authenticating by the server of the client by the received
client certificate of authenticity; and

transferring the boot files from the server to the
authenticated client.

14. The method of claim 13 further comprising: 
authenticating by the authenticated client of the 
transferred boot files; 

executing by the authenticated client of the authenticated 
boot files.

15. The method of claim 14 wherein boot files received by 
the client that are incorrectly signed are not executed by 
the client. 

16. The method of claim 13 wherein the transferred boot
files include a signature and wherein the client verifies
the signature.

17. The method of claim 13 wherein clients that have an 
invalid or revoked certificate are not authenticated or 
answered by the server. 

18. A method of transferring via a network boot files from 
a server to a client having a pre-OS environment, 
comprising:

installing a client certificate of authenticity in the
client;

requesting by the client via the network that the server
transfer the boot files to the client;

sending by the client via the network the installed client
certificate of authenticity; and

receiving by the client of the boot files from the server.

19. The method of claim 18 further comprising: 
authenticating by the authenticated client of the 
transferred boot files; 

executing by the authenticated client of the authenticated 
boot files.

20. The method of claim 19 wherein boot files received by 
the client that are incorrectly signed are not executed by 
the client. 

21. The method of claim 18 wherein the transferred boot 
files include a signature and wherein the client verifies 
the signature. 

22. The method of claim 18 wherein clients that have an
invalid or revoked certificate are not authenticated or
answered by the server.

23. A method of transferring via a network boot files from 
a server to a client having a pre-OS environment,
comprising:

receiving by the server a request from the client via the
network that the server transfer the boot files to the
client;

receiving by the server via the network a previously
installed client certificate of authenticity from the
client;

authenticating by the server of the client by the received 
client certificate of authenticity; and 
transferring the boot files from the server to the 
authenticated client. 

24. The method of claim 23 wherein clients that have an 
invalid or revoked certificate are not authenticated or 
answered by the server. 

25. The method of claim 23 wherein the transferred boot 
files include a signature and wherein the client verifies 
the signature. 

26. A method of transferring via a network boot files from 
a server to a client having a pre-OS environment, 
comprising:

requesting by the client via the network that the server
transfer the boot files to the client;

sending by the server via the network a server certificate
of authenticity to the client;

authenticating by the client of the server by the received
server certificate of authenticity;

requesting by the client via the network that the
authenticated server transfer the boot files to the client;
and

transferring the boot files from the authenticated server
to the client in response to the requesting by the client.

27. The method of claim 26 wherein servers that have an 
invalid or revoked certificate are not acknowledged by the 
client.

28. The method of claim 26 wherein the transferred boot 
files include a signature and wherein the client verifies 
the signature. 

29. The method of claim 28 wherein boot files received by 
the client that are incorrectly signed are not executed by 
the client. 

30. A method of transferring via a network boot files from 
a server to a client having a pre-OS environment, 
comprising: 

receiving by the server a request from the client via the 
network that the server transfer the boot files to the 
client;

receiving by the server via the network a previously
installed client certificate of authenticity from the
client;

authenticating by the server of the client by the received 
client certificate of authenticity; and 

sending the boot files to the authenticated client by the 
server via the network.

31. The method of claim 30 wherein servers that have an
invalid or revoked certificate are not acknowledged by the 
client. 

32. The method of claim 30 wherein the transferred boot 
files include a signature and wherein the client verifies 
the signature. 

33. The method of claim 32 wherein boot files received by
the client that are incorrectly signed are not executed by 
the client. 

34. A method of transferring via a network boot files from
a server to a client having a pre-OS environment,
comprising:

requesting by the client via the network that the server
transfer the boot files to the client;

receiving by the client via the network a server
certificate of authenticity from the server;

authenticating by the client of the server by the received
server certificate of authenticity;

requesting by the client via the network that the
authenticated server transfer the boot files to the client;
and

receiving the boot files from the authenticated server to
the client in response to the requesting by the client.

35. The method of claim 34 wherein servers that have an 
invalid or revoked certificate are not acknowledged by the 
client. 

36. The method of claim 34 wherein the transferred boot
files include a signature and wherein the client verifies
the signature.

37. The method of claim 34 wherein boot files received by 
the client that are incorrectly signed are not executed by 
the client. 

38. A method of transferring via a network boot files from 
a server to a client having a pre-OS environment, 
comprising:

requesting by the client via the network that the server 
transfer the boot files to the client; 

transferring the boot files from the server to the client 
in response to the requesting by the client; 

authenticating by the client of the transferred boot files; 
and 

executing by the authenticated client of the authenticated 
boot files. 

39. The method of claim 38 wherein the transferred boot 
files include a signature and wherein the client verifies 
the signature. 

40. The method of claim 39 wherein boot files received by 
the client that are incorrectly signed are not executed by 
the client. 

41. A system for transferring boot files, comprising: 
a client; 

a server having boot files; 
software authenticating the client to the server;

software authenticating the server to the client; and 
software transferring the boot files from the authenticated 
server to the authenticated client. 






MS#302667.1 
(MSFT 5064) 
PATENT 

42. The system of claim 41 further comprising software 
authenticating the transferred boot files to the 
authenticated client. 

43. The method of claim 42 wherein the authenticated 
client includes an operating system generated from the 
executed authenticated boot files. 

44. The system of claim 41 wherein the transferred boot
files include a signature and wherein the client verifies
the signature.

45. A computer readable medium for transferring via a
network boot files from a server to a client having a
pre-OS environment, comprising instructions for:

requesting by the client via the network that the server
transfer the boot files to the client;

sending by the client via the network a previously
installed client certificate of authenticity; and

receiving by the client of the boot files from the server.

46. A computer readable medium for transferring via a
network boot files from a server to a client having a
pre-OS environment, comprising instructions for:

receiving by the server a request from the client via the
network that the server transfer the boot files to the
client;

receiving by the server via the network a previously
installed client certificate of authenticity from the
client;

authenticating by the server of the client by the received
client certificate of authenticity; and

transferring the boot files from the server to the
authenticated client.

47. A computer readable medium for transferring via a
network boot files from a server to a client having a
pre-OS environment, comprising instructions for:

receiving by the server a request from the client via the
network that the server transfer the boot files to the
client;

receiving by the server via the network a previously
installed client certificate of authenticity from the
client;

authenticating by the server of the client by the received
client certificate of authenticity; and

sending the boot files to the authenticated client by the
server via the network.

48. A computer readable medium for transferring via a
network boot files from a server to a client having a
pre-OS environment, comprising instructions for:

requesting by the client via the network that the server
transfer the boot files to the client;

receiving by the client via the network a server
certificate of authenticity from the server;

authenticating by the client of the server by the received
server certificate of authenticity;

requesting by the client via the network that the
authenticated server transfer the boot files to the client;
and

receiving the boot files from the authenticated server to
the client in response to the requesting by the client.